IETF Logo Mail Archive

Re: [IPsec] replacing PSKs: CFRG and PAKE

"Valery Smyslov" <smyslov.ietf@gmail.com> Mon, 10 December 2018 08:09 UTC

Return-Path: <smyslov.ietf@gmail.com>
X-Original-To: ipsec@ietfa.amsl.com
Delivered-To: ipsec@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D1AC3130EB7 for <ipsec@ietfa.amsl.com>; Mon, 10 Dec 2018 00:09:36 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.499
X-Spam-Level:
X-Spam-Status: No, score=-0.499 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_SORBS_WEB=1.5, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id NKPJdtexk7dd for <ipsec@ietfa.amsl.com>; Mon, 10 Dec 2018 00:09:35 -0800 (PST)
Received: from mail-lj1-x233.google.com (mail-lj1-x233.google.com [IPv6:2a00:1450:4864:20::233]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 32B38130EB0 for <ipsec@ietf.org>; Mon, 10 Dec 2018 00:09:35 -0800 (PST)
Received: by mail-lj1-x233.google.com with SMTP id s5-v6so8691584ljd.12 for <ipsec@ietf.org>; Mon, 10 Dec 2018 00:09:34 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:references:in-reply-to:subject:date:message-id :mime-version:content-transfer-encoding:content-language :thread-index; bh=EFLg6UO2HOxe53cICj2RRY3OZ6i+5aT46a5bynWxYX8=; b=G3dYZmNswPwK4lejtd3B77nPP9bFrO85BycJISV67OPKdXRDicK+iKPK4PGdwASj0m +3wddBL9m0GRtmY5QNCdjLfBh4MpAxSL1NTk+rl5L4ohhUVBXY3GRez/GNGLW38OPZ2f lhXv4A87cMv0y0eljWRQyddxutkSw5tdQC3Xib9bZrw7Fo6wG5Mb7DEn8lTJNmUpaiVr U7VhgEjYArSqJTCHIF2gZJq9AoJzw/Ua0hKjvxOfyYJBVQnUdA/QsltFQnwRxf3nd+JH /oC6C7cZoDxhCIHharmeUc48vdjwW/zTFfFmq/ZDYaj9YHaQeIfM/F08IP+gbQvHUVVl EPLw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:references:in-reply-to:subject:date :message-id:mime-version:content-transfer-encoding:content-language :thread-index; bh=EFLg6UO2HOxe53cICj2RRY3OZ6i+5aT46a5bynWxYX8=; b=WZL7eT6nXFT+d3TaZlGIbQROOu1koj/ObjX8eh2ZHHXPmfYDK++Jpg2j+MfnPcLYl7 x00eFZ7vrwTkLjzzvQyQWAZai3q46k1Bk9h1H/yhut2HxlQwWtjsT/w7kz274jPELPrw ysPb4POglW8xCcuju7zUk2PyXlhXaevixcsRGsCOLBljR6J3vb3xJEf2Hn77VXFzKBp5 W91/93P9S1aPVrR2JXEyg/PgldG9oQC3OytrWZR59SISoQxH0EHGLQ4DyZ+OysHv+EWS QCraV+X4TA4BewS7Jn//Pl0w6hItCkW5memH6LGenm7C0ePtxE/oI7ck51pDYsNVUaRB wy/w==
X-Gm-Message-State: AA+aEWak+AMjt5WDXsG3oNfIXUTU1NpzyiQQHBEM4K6NI1GrY8aswObh dxuO/KQMtwtZ7S8s8JUr1TN22Icl
X-Google-Smtp-Source: AFSGD/WTtwaWaJzlVJmtW/P6SKR3La20YyWvSqatWBw0nQWpKtQG7kkfKepSaGZ+1RkKesQXW9kNHg==
X-Received: by 2002:a2e:b00a:: with SMTP id y10-v6mr6190254ljk.109.1544429372926; Mon, 10 Dec 2018 00:09:32 -0800 (PST)
Received: from buildpc ([82.138.51.4]) by smtp.gmail.com with ESMTPSA id s62sm1115786lfg.34.2018.12.10.00.09.31 (version=TLS1 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Mon, 10 Dec 2018 00:09:32 -0800 (PST)
From: Valery Smyslov <smyslov.ietf@gmail.com>
To: 'Nico Williams' <nico@cryptonector.com>, 'Michael Richardson' <mcr@sandelman.ca>
Cc: ipsec@ietf.org
References: <25207.1544136532@localhost> <20181206232532.GQ15561@localhost>
In-Reply-To: <20181206232532.GQ15561@localhost>
Date: Mon, 10 Dec 2018 11:09:25 +0300
Message-ID: <026501d4905f$aacf9250$006eb6f0$@gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Mailer: Microsoft Outlook 14.0
Content-Language: ru
Thread-Index: AQJjEIcGzPEj/22sYW2hroPcukYuWAJuFVfupEcsIDA=
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipsec/KzGygtjArk5Asxua_SLCVbOXEWY>
Subject: Re: [IPsec] replacing PSKs: CFRG and PAKE
X-BeenThere: ipsec@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Discussion of IPsec protocols <ipsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipsec>, <mailto:ipsec-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipsec/>
List-Post: <mailto:ipsec@ietf.org>
List-Help: <mailto:ipsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipsec>, <mailto:ipsec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 10 Dec 2018 08:09:37 -0000

Hi Nico,

> > I think we should ask the CFRG to pick a single balanced PAKE for us.
> 
> They've done so!

Not so sure. In Bangkok the CFRG just decided to start the 
process of selecting "one or more" (that after discussion 
turned out into "zero or more") recommended PAKE(s).

Regards,
Valery.

> https://tools.ietf.org/html/draft-irtf-cfrg-spake2
> 
> That specifies one non-augmented, and one augmented PAKE.
> 
> I think the I-D is close to ready to publish.  As it happens I sent in
> some comments this past weekend.
> 
> Nico
> --
> 
> _______________________________________________
> IPsec mailing list
> IPsec@ietf.org
> https://www.ietf.org/mailman/listinfo/ipsec

v2.37.1 | Report a Bug | By Email | System Status